Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/AndrewPla/GreyNoisePS

PowerShell module to interact with the GreyNoise API
https://github.com/AndrewPla/GreyNoisePS

greynoise powershell

Last synced: about 1 month ago
JSON representation

PowerShell module to interact with the GreyNoise API

Awesome Lists containing this project

README

        

# GreyNoisePS
PowerShell module to interact with the GreyNoise API. This currently works with the both the paid and community API endpoints.

## Community API Command Usage

### The GNIpInfo command is the only one available for community level accounts

Return information about an IP address.

```
Get-GNIpInfo -Ip 8.8.8.8

ip : 8.8.8.8
noise : False
riot : True
classification : benign
name : Google Public DNS
link : https://viz.greynoise.io/riot/8.8.8.8
last_seen : 2021-03-26

```

Return information about your local TCP connections

```
Get-NetTCPConnection | Where-Object {
($_.RemoteAddress -notlike '0.0.0.0') -and
($_.RemoteAddress -notlike '127.*') -and
($_.RemoteAddress -notlike '*::*') } |
Sort-Object -Property RemoteAddress -Unique |
Get-GNIpInfo

ip : 140.82.113.25
noise : False
riot : True
classification : benign
name : Github
link : https://viz.greynoise.io/riot/140.82.113.25
last_seen : 2021-03-26
message : Success

ip : 162.159.130.234
noise : False
riot : True
classification : benign
name : Cloudflare CDN
link : https://viz.greynoise.io/riot/162.159.130.234
last_seen : 2021-03-26
message : Success

```

## Paid API Command Usage

### All commands are supported with a Paid API account

Confirm access to the GreyNoise API and API Key status

```
Get-GNPing -Key $key
```

Retrieve full Mass-Internet scanning Context data for multiple IPs

```
Get-GNMultiIpContext -Ips $ips -Key $key
```

Retrieve full Mass-Internet scanning Context data for a single IP

```
Get-GNIpContext -Key $key -Ip $ip -Key $key
```

Perform a GreyNoise Quick Lookup for multiple IPs

```
Get-GnIpQuickCheck -Ip $ip -Key $key
```

Perform a GreyNoise Quick Lookup for a single IP

```
Get-GNMultiIpQuickCheck -Ips $ips -Key $key
```

Perform a GreyNoise Common Business Service IP Lookup for a single IP

```
Get-GNRiotIpLookup -Ip $ip -key $key
```

Perform a GreyNoise Query

```
Get-GNQLQuery -GNQLQuery 'last_seen:today' -Key $key
```

Get Statistics for a GreyNoise Query

```
Get-GNQLStats -Key $key -GNQLQuery '(raw_data.scan.port:445 and raw_data.scan.protocol:TCP) metadata.os:Windows*'
```

Get GreyNoise Tag Details

```
Get-GNTagMetadata -key $key
```